Email anonymity breached by Canadian researchers

Just because you send an email anonymously doesn’t mean people can’t figure out who you are anymore.

Just because you send an email anonymously doesn’t mean people can’t figure out who you are anymore.

A new technique developed by researchers at Concordia University in Quebec could be used to unmask would-be anonymous emailers by sniffing out patterns in their writing style from use of all lowercase letters to common typos.

Their research, published in the journal Digital Investigation, describes techniques that could be used to serve up evidence in court, giving law enforcement more detailed information than a simple IP address can produce.

"In the past few years, we've seen an alarming increase in the number of cybercrimes involving anonymous emails," says study co-author Benjamin Fung, a professor of Information Systems Engineering at Concordia University. "These emails can transmit threats or child pornography, facilitate communications between criminals or carry viruses."

Of course some might be concerned that the technique could be used to reveal identities of whistleblowers or others who have legitimate reasons for sending emails via publicly available tools for sending anonymous messages.

The anonymous email cracking technique devised by Fung and colleagues in cyber-forensics is to identify patterns in emails written by a subject, then filter out patterns found in emails of other suspects, narrowing it all down until only a unique “write-print” remains.

Concordia researchers tested their system by putting it to use on over 200,000 emails from 158 employees of Enron, and were able to identify authors 80% to 90% of the time.